7.5. Compliant with Compliance
The need to meet an increasing number of industry and government regulations and requirements faces most — if not all — of today's organizations, regardless of location or industry.
But meeting specific requirements set forth by industry bodies and government entities is just part of the problem that organizations today have to deal with. The other part of the problem involves the mandate that organizations prove their adherence to these government and industry regulations.
Adhering to (and proving adherence to) specific industry and governmental regulations places a tremendous burden on already-taxed network and security resources — both physical and human resources. When an organization's teams are already stretched thin by being forced to do more with less, complying with industry or governmental regulations may stretch them to the breaking point. We see it all the time.
So, we advocate that organizations create compliance teams (if they haven't already), either full or part time (based on your organization's needs). A compliance team has to:
Identify and fully understand the industry and government regulations to which the organization must adhere.
Call out the various requirements and line items in each regulation that affect your organization and its business.
Identify the means within the organization — the technology, processes, policies, and so on — that already exist or that you need to create to address the requirements in the regulations.
Work with other ...